Articles about Security

LinkedIn sues 100 individuals for scraping user data from the site

linkedin-mobile

Professional social network LinkedIn is suing 100 anonymous individuals for data scraping. It is hoped that a court order will be able to reveal the identities of those responsible for using bots to harvest user data from the site.

The Microsoft-owned service takes pride in the relationship it has with its users and the security it offers their data. Its lawsuit seeks to use the data scrapers' IP addresses and then discover their true identity in order to take action against them.

Continue reading

Traffic hijacking Linux flaw affects 80 percent of Android devices -- including Nougat

android_security

Android has had something of a rough time of things lately with the discovery of the Quadrooter vulnerability and the revelation that a flaw in version 3.6 of the Linux kernel also affects Google's mobile operating system.

Security firm Lookout estimates that 80 percent of Android devices (around 1.4 billion devices) are affected. While initial reports suggested that devices up to Android 4.4 KitKat are at risk, further testing shows that the problem still exists all the way up to Android 7.0 Nougat.

Continue reading

How to verify your HIPAA compliance

Checklist

Keeping patients’ confidential records secure is of utmost importance to healthcare organizations and the vendors who work alongside them. Not only is the proper safeguarding of information a good practice, it’s the law.

The Health Insurance Portability and Accountability Act (HIPAA) seeks to protect the sensitive data of patients and to empower healthcare practitioners to keep that information safe through strong security and privacy policies.

Continue reading

New key hack exposes 100 million Volkswagen cars

Volkswagen

Back in the day, people had to walk into a bank in order to rob it. They also had to walk into a car in order to steal it. Nowadays, people rob banks from the comfort of their home (or their parents’ basements), and it’s only a matter of time before they start hijacking cars the same way.

According to a couple of researchers, whose work has been covered by Wired recently, we’re already halfway there -- a new vulnerability has been found which allows hackers to remotely unlock 100 million Volkswagen cars.

Continue reading

Asian countries lag behind in data storage security

combination_lock

Asian nations are not very secure places to keep your digital data, a new report by secure data centre Artmotion suggests.

The report was built on data from the UN, World Economic Forum and Transparency International, among other groups. Titled Data Danger Zones, it ranks more than 170 nations on how good they are at keeping data secure.

Continue reading

Linux vulnerability lets 'anyone in the world' hijack Internet traffic

Surprised PC

Security researchers at the University of California, Riverside, have uncovered a major Linux vulnerability that enables hackers to hijack Internet traffic which, if exploited, can be used to intercept communications, launch targeted attacks, and lower Tor's anonymity. The vulnerability impacts iterations of the open-source kernel released in the past four years.

The security researchers believe that this security issue "affects a wide range of devices and hosts" -- the open-source kernel is well known for powering a significant number of servers and being at the heart of Android, the most popular mobile operating system today. The vulnerability was introduced in a TCP specification that is found in Linux versions starting with 3.6, which was released in September 2012.

Continue reading

Predictive risk technology helps fight phishing

Phishing magnified

Phishing attacks are on the increase and are becoming increasingly sophisticated. This means that older technologies such as blacklisting known phishing sites are struggling to keep up with the threat. The Anti Phishing Working Group detected a 250 percent jump in phishing sites between October 2015 and March 2016.

Fraud protection company Easy Solutions is helping to combat the problem with the public beta launch of its Swordphish predictive phishing and malware risk assessment technology.

Continue reading

Samsung Pay vulnerability can enable fraudulent payments

Samsung Pay

During the recent Defcon hacking conference, held last week in Paris, a hacker demonstrated how he could make fraudulent payments through Samsung Pay.

Samsung says it knew of this and considers it an acceptable risk. It claims the method is almost too difficult to pull off, and no different than fraud methods we see today with credit cards.

Continue reading

Over half of security pros say cloud vendors shouldn't give governments data access

Cloud access

There are a number of concerns that companies have over migrating to the cloud, but one of the key ones is who else might have access to the data.

Cloud security company Bitglass has released the results of its latest Mitigating Cloud Risks survey in conjunction with the Cloud Security Alliance, which shows that potential government access to encrypted data is an issue.

Continue reading

SecureAuth launches training program to cut security skills gap

students university graduation

Shortage of skills is one of the main reasons businesses give for not achieving their objectives according to Gartner and this is especially true in the cybersecurity field.

Access control specialist SecureAuth is aiming to address this with the launch of its SecureAuth University, a continuing education program for customers, partners and employees.

Continue reading

Microsoft creates Secure Boot backdoor, leaks golden keys

backdoor

Microsoft has created a backdoor in Secure Boot, the security feature designed to ensure that a device can only run the operating system that it is meant to. And, to make matters worse, it has just accidentally leaked the "golden keys" needed to bypass it.

The Secure Boot backdoor is there to, for instance, allow a Microsoft developer to install a new build of Windows on a device -- that has the security feature enforced -- without it having to be digitally signed beforehand. It makes their job easy, but it also makes the security system ineffective if -- when -- the golden keys that unlock it make their way into the wrong hands.

Continue reading

Most smart car vulnerabilities can be easily exploited

Hacker laptop

Remember that cyber-experiment when a couple of hackers managed to take control over a speeding car in the middle of the highway?

Well, IOActive has published a study, entitled Commonalities in Vehicle Vulnerabilities, after three years of testing, and the results are quite scary.

Continue reading

Data loss and theft is on the rise

Cyberthief

There has been a "sharp increase" in the number of lost and stolen corporate data in the past two years, according to a new report by the Ponemon Institute and Varonis Systems. But it’s not as straightforward as you’d think.

The new report, titled Closing Security Gaps to Protect Corporate Data: A Study of U.S. and European Organisations, says that 76 percent of respondents experienced either data loss, or theft, in the past 24 months.

Continue reading

Kaspersky finds advanced cyber-espionage malware that hid for five years

malware

Kaspersky Lab's security researchers have found a new cyber-espionage malware, most likely built by a nation-state to use against other states' organizations.

Dubbed "ProjectSauron", it is "particularly interested" in accessing encrypted communications. The malware hunts such communications down using an "advanced modular cyber-espionage platform", comprised of a number of different and unique tools.

Continue reading

New solution detects enterprise data at risk on shadow IT

Shadows street

Shadow IT is an increasingly major concern for businesses, the use of public cloud services offers convenience for workers but risks confidential information being exposed outside the organisation.

Canadian endpoint security company Absolute is launching new functionality for its Absolute Data and Device Security (DDS) product that detects data at risk on endpoints associated with cloud storage applications.

Continue reading

© 1998-2016 BetaNews, Inc. All Rights Reserved. Privacy Policy.